Lucene search
K

303 matches found

CNVD
CNVD
added 2017/10/18 12:0 a.m.5 views

Unspecified Vulnerability in Oracle GlassFish Server (CNVD-2017-31313)

Oracle Fusion Middleware Oracle Fusion Middleware is the United States Oracle Oracle company's set of business innovation platform for enterprise and cloud environments. The platform provides middleware, software collection and other functions. Oracle GlassFish Server is one of the components tha...

6.8CVSS6.4AI score0.0121EPSS
Exploits0References1
CNVD
CNVD
added 2017/08/01 12:0 a.m.5 views

Oracle GlassFish Server Open Source Edition Licensing Issues Vulnerability

Oracle GlassFish Server Open Source Edition is the United States Oracle Oracle company's set of open source version of the server used to build Java EE server-side Java applications. A security vulnerability exists in Oracle GlassFish Server Open Source Edition version 3.0.1 build 22. An attacker...

9.8CVSS9.3AI score0.017EPSS
Exploits0References1
NVD
NVD
added 2017/07/17 1:18 p.m.24 views

CVE-2017-1000029

Oracle, GlassFish Server Open Source Edition 3.0.1 build 22 is vulnerable to Local File Inclusion vulnerability, that makes it possible to include arbitrary files on the server, this vulnerability can be exploited without any prior authentication...

7.5CVSS7.5AI score0.08348EPSS
Exploits0References1
NVD
NVD
added 2017/07/17 1:18 p.m.23 views

CVE-2017-1000030

Oracle, GlassFish Server Open Source Edition 3.0.1 build 22 is vulnerable to Java Key Store Password Disclosure vulnerability, that makes it possible to provide an unauthenticated attacker plain text password of administrative user and grant access to the web-based administration interface...

9.8CVSS9.7AI score0.017EPSS
Exploits0References1
NVD
NVD
added 2017/07/17 1:18 p.m.17 views

CVE-2017-1000028

Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request...

7.5CVSS7.5AI score0.99479EPSS
Exploits7References3
Prion
Prion
added 2017/07/17 1:18 p.m.20 views

Directory traversal

Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request...

5CVSS7.4AI score0.99479EPSS
Exploits7References3Affected Software1
UbuntuCve
UbuntuCve
added 2017/07/17 1:18 p.m.33 views

CVE-2017-1000028

Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request...

7.5CVSS7.1AI score0.99479EPSS
Exploits7References2
Cvelist
Cvelist
added 2017/07/13 8:0 p.m.29 views

CVE-2017-1000028

Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request...

7.6AI score0.99479EPSS
Exploits7References3
Cvelist
Cvelist
added 2017/07/13 8:0 p.m.28 views

CVE-2017-1000029

Oracle, GlassFish Server Open Source Edition 3.0.1 build 22 is vulnerable to Local File Inclusion vulnerability, that makes it possible to include arbitrary files on the server, this vulnerability can be exploited without any prior authentication...

8.6AI score0.08348EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2017/07/13 8:0 p.m.49 views

CVE-2017-1000029

Removed by vendor...

7.5CVSS8.2AI score0.08348EPSS
Exploits0
Debian CVE
Debian CVE
added 2017/07/13 8:0 p.m.80 views

CVE-2017-1000028

Removed by vendor...

7.5CVSS7.8AI score0.99479EPSS
Exploits7
NVD
NVD
added 2017/04/24 7:59 p.m.23 views

CVE-2017-3626

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Java Server Faces. The supported version that is affected is 3.1.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle...

3.1CVSS2AI score0.01533EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2017/04/24 7:59 p.m.30 views

CVE-2017-3626

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Java Server Faces. The supported version that is affected is 3.1.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle...

3.1CVSS6.3AI score0.01533EPSS
Exploits0References2
OSV
OSV
added 2017/04/24 7:59 p.m.4 views

UBUNTU-CVE-2017-3626

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Java Server Faces. The supported version that is affected is 3.1.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle...

3.1CVSS6.1AI score0.01533EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/04/24 7:0 p.m.29 views

CVE-2017-3626

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Java Server Faces. The supported version that is affected is 3.1.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle...

2AI score0.01533EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2017/04/24 7:0 p.m.41 views

CVE-2017-3626

Removed by vendor...

3.1CVSS4.6AI score0.01533EPSS
Exploits0
CNVD
CNVD
added 2017/04/20 12:0 a.m.4 views

Oracle Fusion Middleware Oracle GlassFish Server Component Information Disclosure Vulnerability

Oracle Fusion Middleware Oracle Fusion Middleware is the United States Oracle Oracle company's set of business innovation platform for enterprise and cloud environments. The platform provides middleware, software collection and other functions. Oracle GlassFish Server is one of the components tha...

3.1CVSS6.9AI score0.01533EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2017/04/20 12:0 a.m.462 views

Oracle GlassFish Server 3.1.2.x < 3.1.2.17 Java Server Faces Information Disclosure (April 2017 CPU)

According to its self-reported version, the Oracle GlassFish Server running on the remote host is 3.1.2.x prior to 3.1.2.17. It is, therefore, affected by an unspecified flaw in the Java Server Faces subcomponent that allows an unauthenticated, remote attacker to disclose potentially sensitive...

3.1CVSS5.7AI score0.01533EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2017/04/19 12:0 a.m.249 views

Oracle GlassFish Server 3.1.2 Multiple Vulnerabilities

Oracle GlassFish Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.3CVSS6.8AI score0.35927EPSS
Exploits0References7
Veracode
Veracode
added 2017/03/23 5:36 a.m.31 views

Denial Of Service (DoS)

Oracle Glassfish web-core is vulnerable to denial of service DoS attacks. The vulnerability exists because it allows the generation of the same hash value for all the values in the hash table, allowing it to cause hashtable collisions. Due to these hash table collisions, attackers can consume hou...

5CVSS8.5AI score0.68914EPSS
Exploits6References28Affected Software4
Rows per page
Query Builder